#!/bin/bash
#SHOULD BE INSTALLED AND EXECUTED WHEN id_rsa key is USED
#Author: Geert Geurts, geert.geurts@hrz.tu-darmstadt.de
if [ -n "$(echo $SSH_ORIGINAL_COMMAND|tr -d '\.'|grep -e '^rsync --server --sender.*/node-images/[a-zA-Z-]\+/\?$')" ] || [ -n "$(echo $SSH_ORIGINAL_COMMAND|grep -e '^/usr/lib/tuda/[a-z_]\+.sh \([0-9]\{1,3\}.\?\)\{4\}\(\/[0-9]\{1,2\}\)\?$')" ]; then
	echo "sshrestrictor($(date +%F_%R): $SSH_ORIGINAL_COMMAND is ok to run">>/var/log/tuda_sshrestrictor.log
	/bin/sh -c "$SSH_ORIGINAL_COMMAND"
else
	echo "sshrestrictor($(date +%F_%R): $SSH_ORIGINAL_COMMAND is NOT ok, aborting">>/var/log/tuda_sshrestrictor.log
	exit 1
fi
